Email Blacklists – Cause, Effect and Prevention

‎The GlowHost Support Team faces tons of different issues that can affect our customers every day. When a fix is not readily available, we have to invent new methods and use creative solutions to solve difficult problems, instead of having fun by spending our time at the beach. One of these tricky problems is the useful, but problematic thing known as an email blacklist.

Solving complex tasks is not only our job but we enjoy doing it, and we hope our customers are satisfied with results we provide. By the way, you can share your feedback, or read what others have to say here. Truth be told, even negative feedback is appreciated (the constructive kind, not the destructive kind… the latter just hurts our feelings and doesn’t really help anyone), because it is valuable for our team and management to understand what went wrong, and how we can make it better for next time.

hack, spam, money, email, blacklist

Anyway, back to what I wanted to talk about, which is arguably the most annoying issue we’ve had over the years where sometimes our shared servers were getting blacklisted because they were identified as a spam source. Our lead admins have had enough of begging the blacklist providers for assistance, because getting a response from such providers is either slow, or non-existent. They finally said “Something’s gotta change” and decided to take a much more pro-active stance on the issue because our re-active stance was not solving the problem. Here is what they did to ensure better email delivery and prevent blacklisting for our shared customers, who incidentally, are the most likely to find themselves on an email blacklist:

– Created a real-time monitoring system of all known, major spam blacklists, so we are immediately notified if a server is added to blacklists. No more waiting for a customer to complain about it, no more having to ask the customer for the bounced email, no more having to explain to novice users what an email header is and how to provide us with a copy of it.

– Configured outbound email sending limits for different types of accounts and implemented additional solutions to what was already in place to block malicious scripts from sending spam.

– Deployed CloudLinux on a‎ll shared servers to prevent accounts from being hacked (hackers usually send spam from accounts they get access to).

– Implemented integration with Sucuri so that problematic accounts had an optional, additional layer of protection to prevent their site from becoming a spam source. Sucuri is a low cost, high value solution which monitors a web site for problems, informs a user how to correct them, and if a site is hacked, they will repair it free of charge so long as the service is active on the user’s account. Sucuri does all sorts of other nifty things. If you are interested in learning more about this service, you can do so here.

– Added Softaculous to cPanel in order to provide customers with automatic updates of the software/scripts/apps that they run on their web site.  It is much more difficult to hack up-to-date scripts. However, traditionally, updating scripts was known to be time consuming or could even damage a site, so many site owners preferred not to upgrade. With Softaculous, these problems are a thing of the past. Script upgrades are easy and painless.

The results of these new changes were exceptional. We decreased the number of hacks by 80% or more, email blacklistings were handled before most customers even knew it happened, and our customers appreciated the new features. Yet, for some reason, our servers continued being blacklisted due to SPAM. Can someone say WTF? How can it be!!!

The next step in solving this mystery was adding customized monitoring of the email queue on each server, so we could catch spammers more quickly. We assumed that we must not be monitoring outbound email closely enough with our current tracking systems. This provided us with an insight of all email systems on all servers simultaneously on one screen. To our surprise, we found out that the email queues were normal, so why were we still getting blacklisted? What was the problem? WTF x2!

I was really surprised when our best admins found out what is happening. The problem is with forwarders. For example, if I host my domain andrew.com with an email address of email@andrew.com and setup a forwarder to andrew@gmail.com (so I get all emails in one main account), the following happens:

Once email@andrew.com receives a spam email, it forwards the spam email to andrew@gmail.com. As a result, Google Mail A.K.A. Gmail (or AT&T, Microsoft or any other email provider) decides that our server is the originating server sending the spam, even though all we did was redirect/forward that spam message… and then they block us. How unfair is that? Pretty unfair, but now we know where a lot of the blacklistings are caused from.

team fixing email blacklistsAs you can see, email forwarders can be a dangerous tool and we ask you to use them carefully, Clearly, email forwarders are very useful but they do have their risks. In fact, if the problems with them persist, they may be removed from our services at some point in the future, so it might be a good time to plan ahead and consider an alternative method to relay email.

The GlowHost team found two possible solutions:

1. Try not to use forwarders. Gmail offers the ability to check your mailboxes via POP3 protocol. What I mean by that is that they can check my @andrew.com email and it will show up on their side, without using a forwarder. Instructions can be found here. You don’t need forwarders at all in this case, since your Gmail account will just download all your emails automatically. This is our number one recommendation instead of using forwarders.

2. Use Spam Assassin if you forward emails. In cPanel -> SpamAssassin you can choose the “Spam Auto-Delete” option and it will remove emails that have been marked as SPAM instead of forwarding them to 3rd party services that like to block our servers so much.

Cooperation to avoid email blacklists

Together, we can work to end server blacklisting and keep the emails flowing. Please feel free to leave your questions or comments about email blacklists below in the comments section – we’d love to read them!

Also, if you are experiencing email blacklisting from your current provider, we can help. If email is mission-critical to your business, we have a variety of solutions available to you including dedicated email servers which completely isolate you from ‘bad neighbors’ and their forwarders. A dedicated email server from GlowHost can reduce the likelihood of a blacklisting significantly.

Call us, chat with us, or email us today – Get in touch here.